Configure the CyberArk vault to allow MID Server access and install the CyberArk AIM API on the MID Server machine.
Before you start
Role required: admin
Before beginning this procedure, make sure that the External Credential Storage plugin is initiated.
Configure the CyberArk vault with the application ID and authentication details that all MID Servers requesting credentials will utilize.
For details, refer to the CyberArk Credential Provider and ASCP Implementation Guide.
Ensure that CyberArk is configured to permit the MID Server to access the vault by creating an App-ID in CyberArk called ServiceNow_MID_Server.
Ensure that each credential the MID Server needs is granted access to the ServiceNow_MID_Server App-ID.
Note: You can override the default ServiceNow_MID_Server App-ID in the MID Server config.xml file using the ext.cred.app_id parameter. If you change the value in this parameter, make sure to configure a matching value in the vault.
Install the CyberArk Credential Provider, including the AIM API, on each machine that hosts a MID Server service that is used to access the credential store.
Arrangement CyberArk accounts and set consents for application get to.
For details, refer to the CyberArk Privileged Account Security Implementation Guide.
Inclined to build a profession as CyberArk ? Get trained on CyberArk Training. Kick Start Your Career!
In the CyberArk Password Safe, create the privileged accounts required by Discovery, Orchestration, or Service Mapping to access different devices and ensure that these accounts are members of the safes in which the necessary credentials are stored.
Include the Credential Provider and application users as members of the Password Safes where the application passwords are stored.